sarif-cli

mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-16 09:13:04 +01:00

Author	SHA1	Message	Date
Michael Hohn	ee11214aee	Add support for external timestamps This allows external files containing timestamps = { "db_create_start" : pd.Timestamp(0.0, unit='s'), "db_create_stop" : pd.Timestamp(0.0, unit='s'), "scan_start_date" : pd.Timestamp(0.0, unit='s'), "scan_stop_date" : pd.Timestamp(0.0, unit='s'), } to be used to provide those values, instead of the above defaults. This patch changes the top-level scripts bin/sarif-extract-scans bin/sarif-extract-scans-runner and provides scripts/test-timestamps.sh for verification. The following keys are also accepted: { "db_create_start": ..., "db_create_stop": ..., "scan_start": ... "scan_stop": ... }	2023-08-18 17:06:58 -07:00
Michael Hohn	3854036fa7	Don't trail the project name with a dash if the subset name is blank	2023-08-03 17:06:54 -07:00
Michael Hohn	3dfb297612	Make project_name unique by adding automationDetails to it	2023-07-20 22:39:10 -07:00
Michael Hohn	ebeaced0f4	Remove automationDetails from CSV output This reverses commit `68b43e05` to keep the CSV compatible with prior output	2023-07-17 10:30:35 -07:00
Michael Hohn	c299321ab8	Remove repls; add scripts/test-vcp.sh	2023-07-13 16:03:01 -07:00
Michael Hohn	68b43e0514	wip: debug and get automationDetails into CSV output	2023-07-12 17:04:23 -07:00
Michael Hohn	606912c8c3	Merge remote-tracking branch 'refs/remotes/origin/master'	2023-07-10 09:03:45 -07:00
Kristen Newbury	6b248d2474	Add missing columns to column order list prev missing cols: source_location and sink_location missing from prev patch but were missing in problem only results case anyways	2023-06-02 16:22:18 -04:00
Kristen Newbury	9407e5b00f	Add ability to read automationDetails.id if present	2023-05-17 15:23:19 -04:00
Michael Hohn	e62c351029	Merge remote-tracking branch 'kristen/main'	2023-01-23 13:14:14 -08:00
Kristen Newbury	1a915e4de8	Update how project_id is generated previously relied on assumption: naming like: <org>/<project> in repositoryUri now just uses full repositoryUri	2023-01-05 16:37:55 -05:00
Kristen Newbury	fc2c6bac99	Add capability to read sourceLanguage if exists in CLI sarif otherwise dummy val previously assumed never present in CLI sarif	2023-01-05 12:50:54 -05:00
Kristen Newbury	04a5aae14d	Add CLI support enabled by -f flag with CLI value tested on sarif from CodeQL CLIs: 2.6.3, 2.9.4, 2.11.4 MUST contain versionControlProvenance property however	2022-12-15 19:12:58 -05:00
Kristen Newbury	69f5ef09a4	Merge branch 'addCLISignature'	2022-12-13 12:22:43 -05:00
Kristen Newbury	2ba9593d70	Add CLI support enabled by -f flag with CLI value tested on sarif from CodeQL CLIs: 2.6.3, 2.9.4, 2.11.4 MUST contain versionControlProvenance property however	2022-12-13 12:14:32 -05:00
Kristen Newbury	1d1734eabe	Add query_tags column to the results table	2022-12-05 11:27:27 -05:00
Kristen Newbury	fb0e1b9c1c	Change sarif sig severity to problem.severity and rm redundant table col for kind	2022-12-02 16:00:40 -05:00
Kristen Newbury	2bda917a4e	Improve error handling on signature mismatch cases and cleanup old todos that have been addressed	2022-11-23 14:06:23 -05:00
Kristen Newbury	066fcb8248	Add error handling csv writer writer generates status csv per sarif	2022-11-14 13:02:36 -05:00
Kristen Newbury	ae4f71e804	Fix regex for repo url parsing	2022-11-10 15:56:49 -05:00
Kristen Newbury	1caf03f5f0	Rework project name format and project id format	2022-11-07 13:56:50 -05:00
Kristen Newbury	c51dbba577	Add fake date ranges to scan default values	2022-10-26 11:28:06 -04:00
Kristen Newbury	3b3999cfd7	Add kind, precision, severity to scan table for path-problem	2022-10-13 16:44:20 -04:00
Kristen Newbury	3385d9a10a	Add kind, precision, severity to scan table	2022-10-13 13:54:32 -04:00
Michael Hohn	2b42a7d306	scan table change: the results.query_id is the @id from the CodeQL query Before, the query_id was ==> results.csv <== query_id STRING, -- git commit id of the ql query set now, it's query_id STRING, -- @id from the CodeQL query	2022-08-11 16:56:20 -07:00
Michael Hohn	8ad69a503b	Reduce zero results from error to warning	2022-08-11 16:26:07 -07:00
Michael Hohn	38af30ead9	Switch numpy.datetime64() to numpy.dtype('M') to get working equality comparison	2022-08-10 17:33:44 -07:00
Michael Hohn	505ee8ea66	Export column types for scan-related pandas tables	2022-08-08 16:48:17 -07:00
Michael Hohn	560b9ecf35	Enforce types when forming the scan tables (internal and output formatting) Force all column types to ensure appropriate formatting for writing. In particular, no character data in place of integers, no floats, no objects in place of strings. Table formation for the functions - st.joins_for_results - st.joins_for_scans - st.joins_for_projects enforces types.	2022-08-07 19:04:13 -07:00
Michael Hohn	741be0cfe1	Include project table in output of sarif-extract-scans; add commit_id to scans table	2022-06-02 16:45:04 -07:00
Michael Hohn	fd55969b76	fix: special concatenation case for empty tables	2022-06-01 17:44:50 -07:00
Michael Hohn	32413984e2	fix: only concatenate non-empty tables to suppress float conversion	2022-06-01 17:34:56 -07:00
Michael Hohn	82a8e7a6dc	fix: set id and scan_id type to uint64 to suppress float conversion	2022-06-01 13:00:37 -07:00
Michael Hohn	eb8e2f18e9	Initial version of sarif-extract-scans, to be tested Running cd ~/local/sarif-cli/data/treeio sarif-extract-scans scan-spec-0.json test-scan produces the 2 derived and one sarif-based table (codeflows.csv): ls test-scan/ codeflows.csv results.csv scans.csv Adding -r via sarif-extract-scans -r scan-spec-0.json test-scan writes all tables: ls test-scan/ artifacts.csv kind_pathproblem.csv project.csv results.csv scans.csv codeflows.csv kind_problem.csv relatedLocations.csv rules.csv	2022-05-16 18:58:53 -07:00
Michael Hohn	154b0bdc56	WIP: assemble derived 'results' table	2022-05-13 17:01:18 -07:00

35 Commits